My pfSense Setup - VLANs, VPN, Firewall, DHCP

WOAH, Last night while staring into the blinky lights of my switch, listening to droning hum of my server fans, and rigioulessly running speed tests I was prayed to network gods in hopes that they would increase my network speed. when that didn't happen I was toataly thinking: Brett's network must be soo coool.

Super helpful to folks out there justed with pfsense. Your time and effort is very much appreciated.

Great video! I've been running pfSense on an older PC and it's great, but I've just barely scratched the surface on all it's capable of. I really have a lot to learn with it.

This is great! I love the 5000 ft view to see how everything fits together. I get lost during single topic in depth videos sometimes.

Last month, after getting annoyed trying to get vlans going on my router running asuswrt-merlin, I just pulled the trigger on an intel Celeron fanless box from alixpress... Loaded up pfsense and have let the cash hemorrhage rip as I went down the rabbit hole of upgrading the entire network.. Next month I'm getting a spool of cat6 and hitting the attic to replace some damaged cat5e cables and to add a few more drops. Your channel has been a huge help. Cheers!

I've been running pfSense for almost 7 years. Currently it's on a Qotom mini PC with i5 CPU, 4 GB RAM, 32 GB SSD and 4 1 Gb Ethernet ports. I have a VLAN for my guest WiFi, test LAN, connection to a Cisco router, OpenVPN server, DNS resolver, NTP server and more. I am quite happy with it. I'm also a regular participant on the pfSense software forum, where I'm a bit of an expert on using pfSense with IPv6. Fortunately, my IPv4 host name, from my ISP doesn't change, unless I change hardware, so I have an constant host name for connecting with OpenVPN and don't have to worry about DynDNS. I also have some of my IPv6 addresses on an external DNS server.

16:04 captan jack sparrow stuff 🤣 very well put sir. just found this channel and the vibes are already awesome

I just wanted to say thank you for explaining this. I am currently trying to build my PfSense box now and trying to learn all of this info. Thanks Buddy for this.

I think this is great. I have been doing (trying to do) a lot of this same stuff. A light went on that you had done this,I went back and rewatched and it was really helpful. Especially the "specify a gateway" at 15:25.
I would be interested in more of this or the line by line of setting it all up.

Nice. The only problem is “guessing” what any rule is for or not having a good description or documentation for your firewall setup.
Config backups can also be acceded through the GUI as every change gets recorded and can be restored to that state.
Btw, pfsense is not an “operating system”.
FreeBSD is the OS under pfsense, which is a bunch of packages, scripts and code on TOP of FreeBSD.

Dude this is a great channel! I'm glad I stumbled upon this

Keep up the great work my friend!! You're an inspiration to us all!!

Been subscribed for a while. Love the information you share, and your style of humor! Did you follow a specific guide (or guides) to set this up (and if yes, can you list your recommended guide(s)) you preferred to use? I know there is a lot of information online, but your home-lab setup is similar to mine (proxmox, synology, unifi products etc. I just haven't jumped into the pfsense world yet (even after spending many hours watching vids, reading reviews, etc. etc.). Cheers!

I just "discovered" your channel - super nice. I don't use pfsense but opnsense - but 90% is the same - just "vertical" instead of "horizontal" menu ;-)

I am on OPNsense. I did PFsense for a while and had an issue and tried OPNsense. (I think the issue was me) But anyway, it works and just stayed on it! They are both very similar. I really loved this video. Lots I'm trying to do and learn and this helped me gain some clarity.

Really like this compared to a lot of videos on the topic because there is as much "why" as there is "how".

Nice good and relaxing explanation of firewall stuff thanx

Great overview. I would like to get your opinion on firewalls. I don't need many of the features of PFsence, but I would like a "strong" firewall. I am using an edge router X now. Do you think the edge router is a good firewall. If not what will you recommend. As always great information in your video.

Nice one man. :D Love it. :D

I actually woke up with that thought "i need to figure out how to setup my pfsense" lmao, thank you for the video

I've been using pfSense since 2013, and it's by far the best firewall platform I've ever used. I hear so much stuff from people saying "pfSense sucks" or to use OPNsense, but for me there's literally no reason to switch. I tried OPNsense and can't get past the interface. OPNsense does nothing for me that pfSense doesn't already do. pfSense for life!

Great video. Long time pfSense user here. Any reason you are using Pi-Hole over pfBlockerNG? Same functions just built straight into Resolver and you can turn off forwarding by eliminating the Pi-Hole.

Hi, thank you for this info. All these firewall rules are related to interVLAN communication. But what about rules for incoming traffic? Is pfsense having a standard set of rules for this. Is everything closed? Bit confused about this.

Thanks for sharing! Have you ever used the NAT tool? I followed 2 different guides and I still can't get the NAT type on my Xbox to change from strict.

You are quickly becoming one of my preferred youtube tech channels Brotein Shake.

Great Stuff. Do you have a video on setting up a VLAN to keep my man PC away from IOT devices as well as other PCs on the my home network, with PFsense?

Thanks for the video! Have you ever played with PFBlockerNG (I know you mentioned Pihole already) and Suracata/Snort (For IDS/IPS)? I find there aren't many tutorials out there to show how to set this up and use it properly. I also wish PFSense had a way to host the Unifi Controller as an add-on service, instead of needing a separate container or VM on another machine.

System > General setup > Theme > pfSense-dark yw :P also great vid, ty :D

Now we takin', finally something interesting :)))))))

great work!

The style of humor/comedy here mixed with nerdy dweeb shit is right up my alley

great video thank you. how do you tell a device what vlan you want it to go on please say your setting up a alexa device

Great guide!

"Limit your guest to 10Kbit/s, and then they'll want to go home.........perfect!" haha, a man after my own heart

I just got the new mochabin and need to replace my trusty Opnsense. I'm just debating on what OS I should go with. OpenWRT, a custom build of VyOS or vanilla Linux either Ubuntu, Debian or RHEL. Hard choice 🥴 (I'm knowledged with routing so either choice will be fine)

I too have issues with the DNS resolver / Unbound in pfSense. I had to turn on the forward option to disable the direct pull of DNS from root domains. It seems to happen more on AT&T internet services (VSDL/Fiber) one part is a connection with no response from the root servers filling up the NAT table in their service gateways. The NVG 589 for example only has 4k entries even if you use passthrough it still takes a session from the box. I saw really bad issues when my State Table in the pfSense box go near 4k entries and 1/2 of them were requests from my DNS with no response. I don't know if AT&T is blocking or there is something with the IP passthough since there is no native bridge mode in AT&T equipment.

Great video

cheese factor of 10 here - opnsense is a fork and much better licensing - opnsense is way to go

Nice set up. Mine is very similar, except I don't have a privacy VPN. I don't practice safe piracy. I drink the rum straight from the bottle.

Is there a network simulation tool which I can use to first build a simulation for my homelab network and test before actually implementing it. May be something like cisco packet tracer but with the ability to use pfsense etc

Excellent

Great video. I have tmobile home internet and want to access my plex outside my home. I think pfsense is the solution using noip. Any feedback would be appreciated.

Great video! I was wondering, can pfsense run in a VM? What are the pros and cons of doing it that way?

I've heard there's issues with pfsense and upnp for online gaming ports. Have you run into any issues in that area?

Do you recommend this for a 10g network?

Good video man, we need to convert you to FruitLoops tho !

Interesting that you run your Guest Portal through Unifi and nor Pfsense

I'd like to know how you connect your Macbook to the box and use the screen and keyboard as input. Do you have a video on that?

0:00 surprisingly that's exactly what happened

I'm having the following weird issue on my home network doing Jack Sparrow's stuff 😂🤣. I have a TCP\UDP port open to it I check port status only and it says its open. Go to my Torrent app and it says is close but that I can still download stuff. If I get the download started on another ISP and then continue through my pfsense router it does it with no issues. However if it is a new fresh download it won't start on my pfrouter. I have never seen anything like this. Has anyone seen something similar?

My pf sense always blocks Outlook emails .
But work well after a reboot .
For about hour.
What might be the problem

How to create openvpn in pfsense and restrict my openvpn users to allow access to only specific ip? Please share how i can do this

One thing I notice adding PIA_VPN as gateway and splitting the traffic for some VLANS is if the VPN drops or became unavailable It will drop the connection to everything... Package loss for both WAN and VPN, seems to be a issue with pfsense. Any advice?

I've also had a pfSense firewall for years, right behind my provider router. They only see my phones and a single device, my firewall 😉

I'm currently use pfSense but having issue with port forwarding sume of game..

surprised at all the HA proxy setup considering you also have a video on cloudflare tunnels.

hi
can you pls tel me how to configure secondary wan configuration

I think this video just did its magic and I need to try it out now, because my asus router is just oof (I had problem with "out of memory")

Hi, do you uwe a centrale Authenticator Server like OpenLDAP for OpenVPN and NextCloud ex.. ?

Why is this preferred over OPNSense that has a more ethical history? I havent figured out why some people prefer Pfsense. I am trying to figure out what I would be missing out on.

Sir that's a great content for pfSense. Sir when explaining the traffic, it will be easier for understanding.

That intro tho hahahahaha

Baby back bi

You roll out pfsense to clients?

Are you for real in Spring Texas?

would be funny if you actually got a DDOS after this vijeo xD

Or wonder how my hair slipped down to the bottom of my face???

Lots of head scratching on your firewall rules, remember there is the description field so you can leave yourself handy notes ;)

NO I NEVER HAVE. YES, it is very very weird

Hello Sir, can I get your personal email or any form of communication channel to discuss a challenge am facing with pfsense for your help?

networking is aids for me when it doesn't work the way you want it to